package com.shiro.login;

import com.entity.SysUser;
import com.shiro.vcode.Captcha;
import com.shiro.vcode.GifCaptcha;
import com.shiro.vcode.SpecCaptcha;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 * @author lanouhn
 */
@Controller
@RequestMapping(value = "/admin")
public class LoginController {
    /**
     * 登录
     *
     * @param username
     * @param password
     * @return
     */
    @RequestMapping(value = "/login")
    public String login(String username, String password,String ValidateCode) {
        // 获取当前执行的用户
        Subject currentUser = SecurityUtils.getSubject();
        //获取验证码并把字母转换为小写
        String validateCode = String.valueOf(currentUser.getSession().getAttribute("ValidateCode"));
        //判断验证码是否正确 如果不正确直接到登录界面
        //toLowerCase:把字母全部转换为小写
        if (!ValidateCode.toLowerCase().equals(validateCode)){
            return "redirect:admin/login.jsp";
        }
        // 让我们登录当前的用户，这样我们就可以检查角色和权限:
        if (!currentUser.isAuthenticated()) {
            //把用户名和密码封装成UsernamePasswordToken对象
            UsernamePasswordToken token = new UsernamePasswordToken(username, password);
            //是否记住我
            token.setRememberMe(true);
            try {
                //掉用login方法执行登录
                currentUser.login(token);
            }
            // 在这里捕获更多的异常(可能是特定于您的应用程序的定制?
            catch (AuthenticationException ae) {
                //意想不到的条件?错误呢?
                return "redirect:admin/login.jsp";
            }
        }
        return "admin/index";
    }

    /**
     * 退出
     *
     * @return
     */
    @RequestMapping(value = "/logout")
    public String logout() {
        // 获取当前执行的用户
        Subject currentUser = SecurityUtils.getSubject();
        //执行退出
        currentUser.logout();
        //跳转到登录界面
        return "redirect:admin/login.jsp";
    }


    /**
     * 获取验证码（Gif版本）
     *
     * @param response
     */
    @RequestMapping(value = "/getGifCode", method = RequestMethod.GET)
    public void getGifCode(HttpServletResponse response, HttpServletRequest request) {
        try {
            response.setHeader("Pragma", "No-cache");
            response.setHeader("Cache-Control", "no-cache");
            response.setDateHeader("Expires", 0);
            response.setContentType("image/gif");
            /**
             * gif格式动画验证码
             * 宽，高，位数。
             */
            Captcha captcha = new GifCaptcha(120, 40, 4);
            //输出
            ServletOutputStream out = response.getOutputStream();
            captcha.out(out);
            out.flush();
            //把验证码存入Shiro会话session
            String ValidateCode = captcha.text().toLowerCase();
            request.getSession().setAttribute("ValidateCode",ValidateCode);
        } catch (Exception e) {
        }
    }
}
